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Abstract 


The Network Time Protocol (NTP) is used in networks of all types and 
sizes for time synchronization of servers, workstations, and other 
networked equipment. As time synchronization is more and more a 
mission-critical service, standardized means for monitoring and 
management of this subsystem of a networked host are required to 
allow operators of such a service to set up a monitoring system that 
is platform- and vendor-independent. This document provides a 
standardized collection of data objects for monitoring the NTP entity 
of such a network participant and it is part of the NTP version 4 
standardization effort. 


5Status of This Memo 
This is an Internet Standards Track document. 


This document is a product of the Internet Engineering Task Force 


(IETF). It represents the consensus of the IETF community. It has 
received public review and has been approved for publication by the 
Internet Engineering Steering Group (IESG). Further information on 


Internet Standards is available in Section 2 of RFC 5741. 
Information about the current status of this document, any errata, 


and how to provide feedback on it may be obtained at 
http://www.rfc-editor.org/info/rfc5907. 
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Copyright Notice 


Copyright (c) 2010 IETF Trust and the persons identified as the 
document authors. All rights reserved. 


This document is subject to BCP 78 and the IETF Trust’s Legal 
Provisions Relating to IETF Documents 
(http://trustee.ietf.org/license-info) in effect on the date of 
publication of this document. Please review these documents 
carefully, as they describe your rights and restrictions with respect 
to this document. Code Components extracted from this document must 
include Simplified BSD License text as described in Section 4.e of 
the Trust Legal Provisions and are provided without warranty as 
described in the Simplified BSD License. 
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1. Introduction 


The NTPv4 MIB module is designed to allow Simple Network Management 
Protocol (SNMP) to be used to monitor and manage local NTP [RFC5905] 
entities. It provides a collection of data objects that can be 
queried using the SNMP protocol and represent the current status of 
the NTP entity. This includes general information about the NTP 
entity itself (vendor, product, version) as well as connectivity to 
upstream NTP servers used as sources of reference time and to 
hardware reference clocks like radio clocks. The most important 
values are included in order to be able to detect failures before 
they can have an impact on the overall time synchronization status of 
the network. There are also a collection of notification objects to 
inform about state changes in the NTP entity. There are objects to 
control these notifications as well. 


Gerstung, et al. Standards Track [Page 2] 


RFC 5907 Definitions of Managed Objects for NTPv4 June 2010 


2 


Conventions Used in This Document 


The capitalized key words "MUST", "MUST NOT", "REQUIRED", "SHALL", 
"SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and 
"OPTIONAL" in this document are to be interpreted as described in 
[RFC2119]. 


The Internet-Standard Management Framework 
For a detailed overview of the documents that describe the current 


Internet-Standard Management Framework, please refer to section 7 of 
RFC 3410 [RFC3410]. 


Managed objects are accessed via a virtual information store, termed 
the Management Information Base or MIB. MIB objects are generally 
accessed through the Simple Network Management Protocol (SNMP). 
Objects in the MIB are defined using the mechanisms defined in the 
Structure of Management Information (SMI). This memo specifies a MIB 
module that is compliant to the SMIv2, which is described in STD 58, 
RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 
[RFC2580]. 


Technical Description 


The NTPv4 MIB module is divided into sections for general server 
information, current NTP entity status, status information of all 
mobilized associations (e.g., unicast upstream time servers, 
multicast or broadcast, time references, and hardware clocks), NTP 
entity control objects, NTP objects used only for notifications, as 
well as SNMP notification definitions for core events. 


The general server information section contains static information 
and can be queried to identify which NTP implementation is running on 
a host. This includes the vendor and product name of the running NTP 
software as well as version information, hardware/os platform 
identity, and the time resolution of the underlying OS. 


Section 2 (current NTP status) includes data objects that represent 
the current operational status of the NTP entity. 


The third section contains data objects that represent the set of 
time references ("associations") with which the NTP entity is 
currently working. 


The fourth section contains objects that can be used to control the 
NTP entity. The currently defined objects control how often the 
heartbeat interval notification is sent out and which notifications 
are enabled. 
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The fifth section contains objects that are only used as varbinds in 
notifications. There is currently only one object in this section -- 
a message that adds a cleartext event message to notifications. 


Certain important events can occur while the NTP entity is running. 
The notification section defines SNMP notifications for a collection 
of the most important ones ("core events") and additionally provides 
a heartbeat notification as well as a test notification to allow 
management systems to test the reception of NTP-related notifications 
as well as enable heartbeat-—based monitoring systems to assure that 
the NTP entity is still up and running. 


Some values are included both in numeric and in human-readable 
(string) format. This has been done to simplify the representation 
of a status information. If the two representations of a certain 
value differ, the numeric representation takes precedence. 


5. MIB Definition 


—— KK KK KKK KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK 


== The Network Time Protocol Version 4 
oa Management Information Base (MIB) 


== Authors: Heiko Gerstung (heiko.gerstung@meinberg.de) 
==> Chris Elliott (chelliot@pobox.com) 


ae for the Internet Engineering Task Force (IETF) 
== NTP Working Group (ntpwg) 


—— *kkxkžxkxkxkxkxkxkxkxkkxkxkkkkkkkkkkkkkkkkkxkkkkkkkkkxkkkkkkkkkkkkkkkkkkkkkkkkkkkkxkxk 


-- Rev 1.00 
-- Published as RFC 5907 


—— KK KK KKK KKK KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK 


NTPv4-MIB DEFINITIONS ::= BEGIN 


IMPORTS 
MODULE-IDENTITY, OBJECT-TYPE , mib-2, Integer32, NOTIFICATION-TYPE, 
Unsigned32, Counter32, TimeTicks 
FROM SNMPv2-SMI -- RFC 2578 

MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 
FROM SNMPv2-CONF -- RFC 2580 

DisplayString, TEXTUAL-CONVENTION 
FROM SNMPv2-TC -- RFC 2579 
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InetAddressType, InetAddress 


FROM INET-ADDRESS-MIB -- RFC 4001 
Utf£8String 
FROM SYSAPPL-MIB; -- RFC 2287 


ntpSnmpMIB MODULE-IDENTITY 
LAST-UPDATED "201005170000Z" -- May 17, 2010 
ORGANIZATION "The IETF NTP Working Group (ntpwg)" 
CONTACT-INFO 
m WG Email: ntpwg@lists.ntp.isc.org 
Subscribe: 
https://lists.ntp.isc.org/mailman/listinfo/ntpwg 


Heiko Gerstung 

Meinberg Funkuhren Gmbh & Co. KG 
Lange Wand 9 

Bad Pyrmont 31812 

Germany 


Phone: +49 5281 9309 25 
Email: heiko.gerstung@meinberg.de 


Chris Elliott 
1516 Kent St. 
Durham, NC 27707 
USA 


Phone: +1-919-308-1216 
Email: chelliot@pobox.com 


Brian Haberman 

11100 Johns Hopkins Road 
Laurel, MD 20723 

USA 


Phone: +1-443-778-1319 
Email: brian@innovationslab.net" 
DESCRIPTION 
"The Management Information Base for NTP time entities. 


Copyright (c) 2010 IETF Trust and the persons identified as 
authors of the code. All rights reserved. 


Redistribution and use in source and binary forms, with or 
without modification, is permitted pursuant to, and subject 
to the license terms contained in, the Simplified BSD License 
set forth in Section 4.c of the IETF Trust’s Legal Provisions 
Relating to IETF Documents 
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(http://trustee.ietf.org/license-info) ." 
REVISION "2010051700002" 
DESCRIPTION 
"This revision of the MIB module is published as RFC 5907." 
:= { mib-2 197 } 

ntpSnmpMIBObjects OBJECT IDENTIFIER ::= { ntpSnmpMIB 1 } 
-- MIB contains 6 groups 
ntpEntInfo OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 1 } 
ntpEntStatus OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 2 } 
ntpAssociation OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 3 } 
ntpEntControl OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 4 } 
ntpEntNotifObjects OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 5 } 


-- Textual Conventions 


NtpStratum ::= TEXTUAL-CONVENTION 
DISPLAY-HINT "q" 
STATUS current 
DESCRIPTION 
"The NTP stratum, with 16 representing no stratum." 
SYNTAX Unsigned32 (1..16) 
NtpDateTime := TEXTUAL-CONVENTION 
DISPLAY-HINT "4d:4d:4d.4d" 
STATUS current 
DESCRIPTION 
"NTP date/time on the device, in 128-bit 
NTP date format. If time is not syncronized, this 


field shall be a zero-length string. 


This trusted certificate 


(TC) is not to be used for objects 


that are used to set the time of the node querying this 


object. NIP should be used for this -- or at least SNIP." 
REFERENCE "RFC 5905, section 6" 
SYNTAX OCTET STRING (SIZE (0 | 16) ) 


Gerstung, et 


Section 1: 


General NTP Entity information objects 
(relatively static information) 
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ntpEntSoftwareName OBJECT-TYPE 


SYNTAX Utf8String 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The product name of the running NTP version, e.g., /ntpd’." 
:= { ntpEntInfo 1 } 


ntpEntSoftwareVersion OBJECT-TYPE 

SYNTAX Utf8String 

MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 
"The software version of the installed NIP implementation 
as a full version string, e.g., ‘’ntpd-4.2.0b@1.1433 ...’" 

::= { ntpEntInfo 2 } 


ntpEntSoftwareVendor OBJECT-TYPE 


SYNTAX Utf8String 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The vendor/author of the installed NTP version." 
::= { ntpEntInfo 3 } 


ntpEntSystemType OBJECT-TYPE 


SYNTAX Utf8String 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"General hardware/os platform information, 

e.g., ‘Linux 2.6.12 / x86’." 
-- freely configurable, default is OS Version / Hardware platform 
::= { ntpEntInfo 4 } 


ntpEntTimeResolution OBJECT-TYPE 


SYNTAX Unsigned32 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The time resolution in integer format, where the resolution 
is represented as divisions of a second, e.g., a value of 1000 
translates to 1.0 ms." 

:= { ntpEntInfo 5 } 
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ntpEntTimePrecision OBJECT-TYPE 

SYNTAX Integer32 

MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 
"The entity’s precision in integer format, shows the precision. 
A value of -5 would mean 2^-5 = 31.25 ms." 

:= { ntpEntInfo 6 } 


ntpEntTimeDistance OBJECT-TYPE 


SYNTAX DisplayString 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The distance from this NIP entity to the root time reference 
(stratum 0) source including the unit, e.g., ’13.243 ms’." 
::= { ntpEntInfo 7 } 


-- Section 2: Current NTP status (dynamic information) 


ntpEntStatusCurrentMode OBJECT-TYPE 
SYNTAX INTEGER { 

notRunning (1), 
notSynchronized(2), 
noneConfigured(3), 
syncToLocal (4), 
syncToRefclock(5), 
syncToRemoteServer (6), 
unknown (99) 


} 
MAX-ACCESS read-only 


STATUS current 
DESCRIPTION 
"The current mode of the NTP. The definition of each possible 
value is: 
notRunning(1) - NIP is not running. 
notSynchronized(2) - NIP is not synchronized to any time 
source (stratum = 16). 
noneConfigured(3) - NIP is not synchronized and does not 
have a reference configured 
(stratum = 16). 
syncToLocal(4) - NTP is distributing time based on its 
local clock (degraded accuracy and/or 
reliability). 
syncToRefclock(5) - NTP is synchronized to a local 


hardware refclock (e.g., GPS). 
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syncToRemoteServer(6) - NTP is synchronized to a remote 
NTP server (’upstream’ server). 
unknown(99) - The state of NTP is unknown." 


::= { ntpEntStatus 1 } 


ntpEntStatusStratum OBJECT-TYPE 


SYNTAX NtpStratum 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The NIP entity’s own stratum value. Should be a stratum of 
syspeer + 1 (or 16 if no syspeer)." 
::= { ntpEntStatus 2 } 


ntpEntStatusActiveRefSourceId OBJECT-TYPE 


SYNTAX Unsigned32 ( 0..99999 ) 
MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 


"The association ID of the current syspeer." 
::= { ntpEntStatus 3 } 


ntpEntStatusActiveRefSourceName OBJECT-TYPE 


SYNTAX Utf8String 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The hostname/descriptive name of the current reference source 
selected as syspeer, e.g., ‘/ntpl.ptb.de’ or ’GPS’ or 
OD EH 4 Anes 3 

::= { ntpEntStatus 4 } 


ntpEntStatusActiveOffset OBJECT-TYPE 


SYNTAX DisplayString 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The time offset to the current selected reference time source 
as a string including unit, e.g., ’0.032 ms’ or "1.232 s’." 
::= { ntpEntStatus 5 } 


ntpEntStatusNumberOfRefSources OBJECT-TYPE 


SYNTAX Unsigned32 (0..99) 
MAX-ACCESS read-only 

STATUS current 
DESCRIPTION 


"The number of reference sources configured for NTP." 
::= { ntpEntStatus 6 } 
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ntpEntStatusDispersion OBJECT-TYPE 


SYNTAX DisplayString 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The root dispersion of the running NTP entity, e.g., '6.927’." 
:= { ntpEntStatus 7 } 


ntpEntStatusEntityUptime OBJECT-TYPE 


SYNTAX TimeTicks 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 
"The uptime of the NTP entity, (i.e., the time since ntpd was 
(re-) initialized not sysUptime!). The time is represented in 


hundreds of seconds since Jan 1, 1970 (00:00:00.000) UTC." 
::= { ntpEntStatus 8 } 


ntpEntStatusDateTime OBJECT-TYPE 

SYNTAX NtpDateTime 

MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 
"The current NTP date/time on the device, in 128-bit 
NTP date format. If time is not syncronized, this 
field shall be a zero-length string. 


This object can be used to timestamp events on this 
node and allow a management station to correlate 
different time objects. For example, a management 
station could query this object and sysUpTime in 
the same operation to be able to relate sysUpTime 
to NTP time. 


This object is not to be used to set the time of 
the node querying this object. NTP should be used 
for this -- or at least SNTP." 

REFERENCE "RFC 5905, section 6" 

::= { ntpEntStatus 9 } 


ntpEntStatusLeapSecond OBJECT-TYPE 

SYNTAX NtpDateTime 

MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 
"Date the next known leap second will occur. If there is 
no leap second announced, then this object should be 0." 

::= { ntpEntStatus 10 } 
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ntpEntStatusLeapSecDirection OBJECT-TYPE 


SYNTAX Integer32 (-1..1) 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 
"Direction of next known leap second. If there is no 


leap second announced, then this object should be 0." 
:= { ntpEntStatus 11 } 


ntpEntStatusInPkts OBJECT-TYPE 


SYNTAX Counter32 
UNITS "packets" 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The total number of NTP messages delivered to the 

NTP entity from the transport service. 

Discountinuities in the value of this counter can occur 
upon cold start or reinitialization of the NTP entity, the 
management system and at other times as indicated by 
discontinuities in the value of sysUpTime." 


::= { ntpEntStatus 12 } 


ntpEntStatusOutPkts OBJECT-TYPE 


SYNTAX Counter32 
UNITS "packets" 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The total number of NTP messages delivered to the 
transport service by this NTP entity. 
Discountinuities in the value of this counter can occur 
upon cold start or reinitialization of the NTP entity, the 
management system and at other times as indicated by 
discontinuities in the value of sysUpTime." 

:= { ntpEntStatus 13 } 


ntpEntStatusBadVersion OBJECT-TYPE 


SYNTAX Counter32 
UNITS "packets" 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The total number of NTP messages that were delivered 
to this NTP entity and were for an unsupported NTP 
version. 
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Discountinuities in the value of this counter can occur 
upon cold start or reinitialization of the NTP entity, the 
management system and at other times as indicated by 
discontinuities in the value of sysUpTime." 

::= { ntpEntStatus 14 } 


ntpEntStatusProtocolError OBJECT-TYPE 


SYNTAX Counter32 
UNITS "packets" 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The total number of NTP messages that were delivered 
to this NTP entity and this entity was not able to 
process due to an NTP protocol error. 
Discountinuities in the value of this counter can occur 
upon cold start or reinitialization of the NTP entity, the 
management system and at other times as indicated by 
discontinuities in the value of sysUpTime." 

::= { ntpEntStatus 15 } 


ntpEntStatusNotifications OBJECT-TYPE 


SYNTAX Counter32 

UNITS "notifications" 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The total number of SNMP notifications that this NTP 
entity has generated. 
Discountinuities in the value of this counter can occur 
upon cold start or reinitialization of the NTP entity, the 
management system and at other times as indicated by 
discontinuities in the value of sysUpTime." 

::= { ntpEntStatus 16 } 


ntpEntStatPktModeTable OBJECT-TYPE 


SYNTAX SEQUENCE OF NtpEntStatPktModeEntry 
MAX-ACCESS not-accessible 

STATUS current 

DESCRIPTION 


"The number of packets sent and received by packet mode. 
One entry per packet mode." 
::= { ntpEntStatus 17 } 


ntpEntStatPktModeEntry OBJECT-TYPE 


SYNTAX NtpEntStatPktModeEntry 
MAX-ACCESS not-accessible 
STATUS current 
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DESCRIPTION 
"A statistical record of the number of packets sent and 
received for each packet mode." 

INDEX { ntpEntStatPktMode } 

::= { ntpEntStatPktModeTable 1 } 


NtpEntStatPktModeEntry ::= SEQUENCE { 
ntpEntStatPktMode INTEGER, 
ntpEntStatPktSent Counter32, 
ntpEntStatPktReceived Counter32 


} 


ntpEntStatPktMode OBJECT-TYPE 

SYNTAX INTEGER { 
symetricactive(l1l), 
symetricpassive (2), 
client (3), 
server (4), 
broadcastserver (5), 
broadcastclient (6) 

} 

MAX-ACCESS not-accessible 

STATUS current 

DESCRIPTION 

"The NTP packet mode." 
::= { ntpEntStatPktModeEntry 1 } 


ntpEntStatPktSent OBJECT-TYPE 


SYNTAX Counter32 
UNITS "packets" 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The number of NIP packets sent with this packet mode. 
Discountinuities in the value of this counter can occur 
upon cold start or reinitialization of the NTP entity, the 
management system and at other times as indicated by 
discontinuities in the value of sysUpTime." 


::= { ntpEntStatPktModeEntry 2 } 


ntpEntStatPktReceived OBJECT-TYPE 


SYNTAX Counter32 
UNITS "packets" 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The number of NIP packets received with this packet mode. 
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Discountinuities in the value of this counter can occur 
upon cold start or reinitialization of the NTP entity, the 
management system and at other times as indicated by 
discontinuities in the value of sysUpTime." 


::= { ntpEntStatPktModeEntry 3 } 


-—- Section 3: The status of all currently mobilized associations 


ntpAssociationTable OBJECT-TYPE 


SYNTAX SEQUENCE OF NtpAssociationEntry 
MAX-ACCESS not-accessible 

STATUS current 

DESCRIPTION 


"The table of currently mobilized associations." 
::= { ntpAssociation 1 } 


ntpAssociationEntry OBJECT-TYPE 
SYNTAX NtpAssociationEntry 
MAX-ACCESS not-accessible 
STATUS current 
DESCRIPTION 
"The table entry of currently mobilized associations." 
INDEX { ntpAssoclId } 
::= { ntpAssociationTable 1 } 


NtpAssociationEntry ::= SEQUENCE { 
ntpAssocId Unsigned32, 
ntpAssocName Utf8String, 
ntpAssocReflid DisplayString, 
ntpAssocAddressType InetAddressType, 
ntpAssocAddress InetAddress, 
ntpAssocOffset DisplayString, 
ntpAssocStratum NtpStratum, 
ntpAssocStatusJitter DisplayString, 
ntpAssocStatusDelay DisplayString, 
ntpAssocStatusDispersion DisplayString 
} 
ntpAssocId OBJECT-TYPE 
SYNTAX Unsigned32 ( 1..99999 ) 
MAX-ACCESS not-accessible 
STATUS current 
DESCRIPTION 
"The association ID. This is an internal, unique ID." 


::= { ntpAssociationEntry 1 } 
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ntpAssocName OBJECT-TYPE 
SYNTAX Utf8String 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The hostname or other descriptive name for the association." 
:= { ntpAssociationEntry 2 } 


ntpAssocRefiId OBJECT-TYPE 


SYNTAX DisplayString 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The refclock driver ID, if available." 
-- a refclock driver ID like "127.127.1.0" for non 
-- uni/multi/broadcast associations 
::= { ntpAssociationEntry 3 } 


ntpAssocAddressType OBJECT-TYPE 


SYNTAX InetAddressType { ipv4(1), ipv6(2), ipv4z(3), ipv6éz(4) } 
MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 


"The type of address of the association. Can be either IPv4 or 
IPv6 (both with or without zone index) and contains the type of 
address for unicast, multicast, and broadcast associations." 

::= { ntpAssociationEntry 4 } 


ntpAssocAddress OBJECT-TYPE 


SYNTAX InetAddress (SIZE (4|8|16|20)) 
MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 


"The IP address (IPv4 or IPv6, with or without zone index) of 
the association. The type and size depends on the 
ntpAssocAddressType object. Represents the IP address of a 
uni/multi/broadcast association." 

::= { ntpAssociationEntry 5 } 


ntpAssocOffset OBJECT-TYPE 


SYNTAX DisplayString 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The time offset to the association as a string." 
-- including unit, e.g., "0.032 ms" or "1.232 s" 
::= { ntpAssociationEntry 6 } 
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ntpAssocStratum OBJECT-TYPE 


SYNTAX NtpStratum 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The association stratum value." 
:= { ntpAssociationEntry 7 } 


ntpAssocStatusJitter OBJECT-TYPE 


SYNTAX DisplayString 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The jitter in milliseconds as a string." 
:= { ntpAssociationEntry 8 } 


ntpAssocStatusDelay OBJECT-TYPE 


SYNTAX DisplayString 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The network delay in milliseconds as a string." 
::= { ntpAssociationEntry 9 } 


ntpAssocStatusDispersion OBJECT-TYPE 


SYNTAX DisplayString 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The root dispersion of the association." 
SS 6G 6.927" 
::= { ntpAssociationEntry 10 } 


ntpAssociationStatisticsTable OBJECT-TYPE 


SYNTAX SEQUENCE OF NtpAssociationStatisticsEntry 
MAX-ACCESS not-accessible 

STATUS current 

DESCRIPTION 


"The table of statistics for current associations." 


::= { ntpAssociation 2 } 


ntpAssociationStatisticsEntry OBJECT-TYPE 
SYNTAX NtpAssociationStatisticsEntry 
MAX-ACCESS not-accessible 
STATUS current 
DESCRIPTION 


June 2010 


"The table entry of statistics for current associations." 


INDEX { ntpAssoclId } 
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::= { ntpAssociationStatisticsTable 1 } 


NtpAssociationStatisticsEntry 
ntpAssocStatInPkts 
ntpAssocStatOutPkts 


::= SEQUENCE { 
Counter32, 
Counter32, 


ntpAssocStatProtocolError Counter32 


} 


ntpAssocStatiInPkts OBJECT-TYPE 


SYNTAX Counter32 
UNITS "packets" 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The total number of NTP messages delivered to the 


NTP entity from this association. 
Discountinuities in the value of this counter can occur 


upon cold start or reinitialization of the NTP entity, 
management system and at other times as indicated by 
discontinuities in the value of sysUpTime." 


:= { ntpAssociationStatisticsEntry 1 } 


ntpAssocStatOutPkts OBJECT-TYPE 


SYNTAX 
UNITS 
MAX-ACCESS 
STATUS 
DESCRIPTION 


"The total number of NTP messages delivered to the 
transport service by this NTP entity for this 


associa 


Counter32 
"packets" 
read-only 
current 


tion. 


June 2010 


the 


Discountinuities in the value of this counter can occur 


upon cold start or reinitialization of the NTP entity, 
management system and at other times as indicated by 
discontinuities in the value of sysUpTime." 


::= { ntpAssociationStatisticsEntry 2 } 


ntpAssocStatProtocolError OBJECT-TYPE 


SYNTAX 
UNITS 
MAX-ACCESS 
STATUS 
DESCRIPTION 


"The total number of NTP messages that were delivered 


Counter32 
"packets" 


read-only 


current 


the 


to this NTP entity from this association and this entity 


was not able to process due to an NTP protocol error. 
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Discountinuities in the value of this counter can occur 
upon cold start or reinitialization of the NTP entity, the 
management system and at other times as indicated by 
discontinuities in the value of sysUpTime." 


::= { ntpAssociationStatisticsEntry 3 } 


-—- Section 4: Control objects 


ntpEntHeartbeatiInterval OBJECT-TYPE 

SYNTAX Unsigned32 

UNITS "seconds" 

MAX-ACCESS read-write 

STATUS current 

DESCRIPTION 
"The interval at which the ntpEntNotifHeartbeat notification 
should be sent, in seconds. If set to 0 and the 
entNotifHeartbeat bit in ntpEntNotifBits is 1, then 
ntpEntNotifHeartbeat is sent once. 
This value is stored persistently and will be restored to its 
last set value upon cold start or restart." 

DEFVAL { 60 } 

::= { ntpEntControl 1 } 


ntpEntNotifBits OBJECT-TYPE 
SYNTAX BITS { 

notUsed(0), -- Used to sync up bit and notification 
—- indices 

entNotifModeChange (1), 

entNotifStratumChange (2), 

entNotifSyspeerChanged (3), 

entNotifAddAssociation (4), 

entNotifRemoveAssociation(5), 

entNotifConfigChanged (6), 

entNotifLeapSecondAnnounced (7), 

entNotifHeartbeat (8) 


} 

MAX-ACCESS read-write 

STATUS current 

DESCRIPTION 
"A bit for each notification. A 1 for a particular bit enables 
that particular notification, a 0 disables it. 
This value is stored persistently and will be restored to its 
last set value upon cold start or restart." 

::= { ntpEntControl 2 } 
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-—- Section 5: Notification objects 


ntpEntNotifMessage OBJECT-TYPE 

SYNTAX Utf8String 

MAX-ACCESS accessible-for-notify 

STATUS current 

DESCRIPTION 
"Used as a payload object for all notifications. Holds a 
cleartext event message." 

DEFVAL { "no event" } 

::= { ntpEntNotifObjects 1 } 


-—-— SNMP notification definitions 


ntpEntNotifications OBJECT IDENTIFIER ::= { ntpSnmpMIB 0 } 


ntpEntNotifModeChange NOTIFICATION-TYPE 


OBJECTS { ntpEntStatusCurrentMode } 
STATUS current 
DESCRIPTION 


"The notification to be sent when the NTP entity changes mode, 
including starting and stopping (if possible) ." 
::= { ntpEntNotifications 1 } 


ntpEntNotifStratumChange NOTIFICATION-TYPE 


OBJECTS { ntpEntStatusDateTime, ntpEntStatusStratum, 
ntpEntNotifMessage } 

STATUS current 

DESCRIPTION 


"The notification to be sent when stratum level of NTP changes." 
::= { ntpEntNotifications 2 } 


ntpEntNotifSyspeerChanged NOTIFICATION-TYPE 


OBJECTS { ntpEntStatusDateTime, ntpEntStatusActiveRefSourceld, 
ntpEntNotifMessage } 
STATUS current 
DESCRIPTION 
"The notification to be sent when a (new) syspeer has been 
selected." 


:= { ntpEntNotifications 3 } 
ntpEntNotifAddAssociation NOTIFICATION-TYPE 


OBJECTS { ntpEntStatusDateTime, ntpAssocName, ntpEntNotifMessage } 
STATUS current 
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DESCRIPTION 
"The notification to be sent when a new association is 
mobilized." 

::= { ntpEntNotifications 4 } 


ntpEntNotifRemoveAssociation NOTIFICATION-TYPE 
OBJECTS { ntpEntStatusDateTime, ntpAssocName, ntpEntNotifMessage } 
STATUS current 
DESCRIPTION 
"The notification to be sent when an association is 
demobilized." 
::= { ntpEntNotifications 5 } 


ntpEntNotifConfigChanged NOTIFICATION-TYPE 


OBJECTS { ntpEntStatusDateTime, ntpEntNotifMessage } 
STATUS current 
DESCRIPTION 


"The notification to be sent when the NTP configuration has 
changed, e.g., when the system connected to the Internet and 
was assigned a new IP address by the ISPs DHCP server." 

::= { ntpEntNotifications 6 } 


ntpEntNotifLeapSecondAnnounced NOTIFICATION-TYPE 
OBJECTS { ntpEntStatusDateTime, ntpEntNotifMessage } 
STATUS current 
DESCRIPTION 
"The notification to be sent when a leap second has been 
announced." 
:= { ntpEntNotifications 7 } 


ntpEntNotifHeartbeat NOTIFICATION-TYPE 


OBJECTS { ntpEntStatusDateTime, ntpEntStatusCurrentMode, 
ntpEntHeartbeatInterval, ntpEntNotifMessage } 

STATUS current 

DESCRIPTION 


"The notification to be sent periodically (as defined by 
ntpEntHeartbeatInterval) to indicate that the NTP entity is 
still alive." 

::= { ntpEntNotifications 8 } 


-- Conformance/Compliance statements 


ntpEntConformance OBJECT IDENTIFIER { ntpSnmpMIB 2 } 


ntpEntCompliances OBJECT IDENTIFIER ::= { ntpEntConformance 1 } 
ntpEntGroups OBJECT IDENTIFIER ::= { ntpEntConformance 2 } 
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ntpEntNTPCompliance MODULE-COMPLIANCE 
STATUS current 
DESCRIPTION 
"The compliance statement for SNMP entities that use NTP and 
implement the NTP MIB." 
MODULE -- this module 
MANDATORY-GROUPS { 
ntpEntObjectsGroupl 


} 
::= { ntpEntCompliances 1 } 


ntpEntSNTPCompliance MODULE-COMPLIANCE 
STATUS current 
DESCRIPTION 
"The compliance statement for SNMP entities that use SNTP and 
implement the NTP MIB." 
MODULE -- this module 
MANDATORY-GROUPS { 
ntpEntObjectsGroupl 
} 
GROUP ntpEntObjectsGroup2 
DESCRIPTION 
"Optional object group." 
GROUP ntpEntNotifGroup 
DESCRIPTION 
"Optional notifications for this MIB." 
::= { ntpEntCompliances 2 } 


ntpEntObjectsGroupl OBJECT-GROUP 
OBJECTS { 
ntpEntSoftwareName, 
ntpEntSoftwareVersion, 
ntpEntSoftwareVendor, 
ntpEntSystemType, 
ntpEntStatusEntityUptime, 
ntpEntStatusDateTime, 
ntpAssocName, 
ntpAssocRefld, 
ntpAssocAddressType, 
ntpAssocAddress 
} 
STATUS current 
DESCRIPTION 
"A collection of objects for the NTP MIB." 
:= { ntpEntGroups 1 } 


ntpEntObjectsGroup2 OBJECT-GROUP 
OBJECTS { 
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ntpEntTimeResolution, 
ntpEntTimePrecision, 
ntpEntTimeDistance, 
ntpEntStatusCurrentMode, 
ntpEntStatusStratum, 
ntpEntStatusActiveRefSourceld, 
ntpEntStatusActiveRefSourceName, 
ntpEntStatusActiveOffset, 
ntpEntStatusNumberOfRefSources, 
ntpEntStatusDispersion, 
ntpEntStatusLeapSecond, 
ntpEntStatusLeapSecDirection, 
ntpEntStatusInPkts, 
ntpEntStatusOutPkts, 
ntpEntStatusBadVersion, 
ntpEntStatusProtocolError, 
ntpEntStatusNotifications, 
ntpEntStatPktSent, 
ntpEntStatPktReceived, 
ntpAssocOffset, 
ntpAssocStratum, 
ntpAssocStatusJitter, 
ntpAssocStatusDelay, 
ntpAssocStatusDispersion, 
ntpAssocStatInPkts, 
ntpAssocStatOutPkts, 
ntpAssocStatProtocolError, 
ntpEntHeartbeatInterval, 


ntpEntNotifBits, 
ntpEntNotifMessage 
} 
STATUS current 
DESCRIPTION 


"A collection of objects for the NTP MIB." 
::= { ntpEntGroups 2 } 


ntpEntNotifGroup NOTIFICATION-GROUP 
NOTIFICATIONS { 

ntpEntNotifModeChange, 
ntpEntNotifStratumChange, 
ntpEntNotifSyspeerChanged, 
ntpEntNotifAddAssociation, 
ntpEntNotifRemoveAssociation, 
ntpEntNotifConfigChanged, 
ntpEntNotifLeapSecondAnnounced, 
ntpEntNotifHeartbeat 


} 
STATUS current 
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END 


6. 


7. 


DESCRIPTION 
"A collection of notifications for the NTP MIB" 
::= { ntpEntGroups 3 } 


IANA Considerations 


The MIB module in this document uses the following IANA-assigned 
OBJECT IDENTIFIER values recorded in the SMI Numbers registry: 


Descriptor OBJECT IDENTIFIER value 


ntpSnmp { mib-2 197 } 
Security Considerations 


There are currently two management objects defined in this MIB module 
with a MAX-ACCESS clause of read-write and/or read-create. Such 
objects may be considered sensitive or vulnerable in some network 
environments. The support for SET operations in a non-secure 
environment without proper protection can have a negative effect on 
network operations. These are the objects and their sensitivity/ 
vulnerability: 


ntpEntHeartbeatInterval controls the interval of heartbeat 
notifications. If set to 1, this will cause the NTP entity to send 
one notification each second. This is the maximum rate (1/s) that 
can be generated automatically. If it is set to 0, then one single 
hearbeat notification will be created and no further automatically 
generated notification is sent. This functionality can be used to 
create notifications at a higher rate (as high as the object can be 
written). 


ntpEntNotifBits enables/disables notifications. Could be used to 
switch off notifications in order to delay or eliminate the 
notification for critical and important events. 


Some of the readable objects in this MIB module (i.e., objects with a 
MAX-ACCESS other than not-accessible) may be considered sensitive or 
vulnerable in some network environments. It is thus important to 
control even GET and/or NOTIFY access to these objects and possibly 
to even encrypt the values of these objects when sending them over 
the network via SNMP. These are the tables and objects and their 
sensitivity/vulnerability: 
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9. 


9. 


ntpEntSoftwareName, ntpEntSoftwareVersion, ntpEntSoftwareVendor, and 
ntpEntSystemType all can be used to identify software and its version 
as well as the operating system and hardware platform. This might 
help a potential attacker to find security problems and therefore can 
be used in the preparation of an attack. 


SNMP versions prior to SNMPv3 did not include adequate security. 

Even if the network itself is secure (for example by using IPsec), 
even then, there is no control as to who on the secure network is 
allowed to access and GET/SET (read/change/create/delete) the objects 
in this MIB module. It is RECOMMENDED that implementers consider the 
security features as provided by the SNMPv3 framework (see RFC 3410 
[RFC3410], section 8), including full support for the SNMPv3 
cryptographic mechanisms (for authentication and privacy). Further, 
deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. 
Instead, it is RECOMMENDED to deploy SNMPv3 and to enable 
cryptographic security. It is then a customer/operator 
responsibility to ensure that the SNMP entity giving access to an 
instance of this MIB module is properly configured to give access to 
the objects only to those principals (users) that have legitimate 
rights to indeed GET or SET (change/create/delete) them. 
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